SYN floods continue

• Previous message (by thread): SYN floods continue
• Next message (by thread): SYN floods continue
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > I don't know, but since nobody else seems to either, how about a 
> > router box that detects excessive SYN activity and then automatically 
> > blocks that ip address for awhile?  I suppose it just means that
> > the attacker has to vary the source address rapidly.
> > 
> If they modulate the phasers we just need to modulate the sheilds. :-O
> 
> If someone comes up with a good solution we will be glad to impliment it.
> -- 
> /*Joseph T. Klein         *    Keep Cool, but Don't Freeze
> * NAP.NET, LLC            *
> * phone  +1 414 747-8747  *                    - Hellman's Mayonnaise
> * http://www.nap.net     */

Well, it's a good analogy (modulating the phasers).
But they're *randomizing* the phasers...

Avi

• Previous message (by thread): SYN floods continue
• Next message (by thread): SYN floods continue
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]